U.S. patent number 8,996,473 [Application Number 13/567,544] was granted by the patent office on 2015-03-31 for checking compatibility of extended and core sam schemas based on complex goals.
This patent grant is currently assigned to SAP SE. The grantee listed for this patent is Piergiorgio Bertoli, Andreas Friesen, Jens Lemcke, Marco Pistore, Bernhard Thimmel, Otfried von Geisau. Invention is credited to Piergiorgio Bertoli, Andreas Friesen, Jens Lemcke, Marco Pistore, Bernhard Thimmel, Otfried von Geisau.
United States Patent |
8,996,473 |
Lemcke , et al. |
March 31, 2015 |
Checking compatibility of extended and core SAM schemas based on
complex goals
Abstract
Methods, systems, and computer-readable storage media for
evaluating a validity of an extended status and action management
(SAM) schema. In some implementations, actions include receiving
the extended SAM schema, the extended SAM schema being stored as a
computer-readable document in memory and being an extension of a
core SAM schema, providing one or more goals, each goal
representing an intention of the core SAM schema, the one or more
goals being provided in a computer-readable document stored in
memory and comprising one or more primary goals that each express
an intention of a process underlying the core SAM schema, and
processing the one or more goals using a computer-executable model
checking tool for evaluating the validity of the extended SAM
schema.
Inventors: |
Lemcke; Jens (Karlsruhe,
DE), Friesen; Andreas (Steinfeld, DE),
Thimmel; Bernhard (Edingen-Neckarhausen, DE),
Bertoli; Piergiorgio (Civezzano, IT), Pistore;
Marco (Trento, IT), von Geisau; Otfried
(Sinsheim, DE) |
Applicant: |
Name |
City |
State |
Country |
Type |
Lemcke; Jens
Friesen; Andreas
Thimmel; Bernhard
Bertoli; Piergiorgio
Pistore; Marco
von Geisau; Otfried |
Karlsruhe
Steinfeld
Edingen-Neckarhausen
Civezzano
Trento
Sinsheim |
N/A
N/A
N/A
N/A
N/A
N/A |
DE
DE
DE
IT
IT
DE |
|
|
Assignee: |
SAP SE (Walldorf,
DE)
|
Family
ID: |
50026504 |
Appl.
No.: |
13/567,544 |
Filed: |
August 6, 2012 |
Prior Publication Data
|
|
|
|
Document
Identifier |
Publication Date |
|
US 20140040217 A1 |
Feb 6, 2014 |
|
Current U.S.
Class: |
707/687; 707/601;
706/12; 707/802; 706/45 |
Current CPC
Class: |
G06Q
30/04 (20130101); G06Q 10/067 (20130101) |
Current International
Class: |
G06F
17/30 (20060101) |
Field of
Search: |
;707/601,687,700
;706/45,12 |
References Cited
[Referenced By]
U.S. Patent Documents
Foreign Patent Documents
|
|
|
|
|
|
|
1674990 |
|
Jun 2006 |
|
EP |
|
WO2005117549 |
|
Dec 2005 |
|
WO |
|
WO2008000499 |
|
Jan 2008 |
|
WO |
|
Other References
Piergiorgio Bertoli et al., S&AM Verification--Formal
Framework, Jan. 17, 2011, 14 pages. cited by examiner .
Piergiorgio Bertoli et al., "A&AM Verification--Formal
Framework," Jan. 17, 2011, 14 pages. cited by examiner .
Egon Borger et al., "A Method for Verifiable and Validatable
Business Process Modeling," Advances in Software Engineering,
Lecture Notes in Computer Science 5316, 2008, pp. 59-115. cited by
applicant .
Farhana H. Zulkernine et al., "A Constraint-Driven Business Object
Model for Service-Based Business Processes," Proceedings of the
Ninth International Conference on Information Technology--New
Generations, ITNG'12, Apr. 2012, pp. 182-188. cited by applicant
.
Object Management Group (OMG), "Business Process Modeling Notation,
V1.1", Jan. 17, 2008, 318 pages. cited by applicant .
Nathan S. Caswell et al., "Agility = Change + Coordination,"
Proceedings of the Seventh IEEE International Conference on
E-Commerce Technology Workshops, CECW 2005, Jul. 2005, pp. 131-139.
cited by applicant .
DOT Language and Graphviz Graph Processing Tools [online],
retrieved on Nov. 21, 2012 from http://www.graphviz.org, 3 pages.
cited by applicant .
Carsten Hentrich et al., "Patterns for Business Object Model
Integration in Process-Driven and Service-Oriented Architectures,"
Proceedings of the Pattern Languages of Programs (PLoP '06), Oct.
2006, 14 pages. cited by applicant .
IBM, "Service Data Objects, WorkManager, and Timers: IBM and BEA
Joint Specifications Overview," Nov. 30, 2005, retrieved from
http://www.ibm.com/developerworks/library/specification/j-commonj-sdowmt/-
index.html, 3 pages. cited by applicant .
Chris Kanaracus, "Business Objects bets on convergence in IT tools"
InfoWorld, Aug. 12, 2008,
http://www.infoworld.com/d/security-central/business-objects-bets-converg-
ence-in-it-tools-699, 2 pages. cited by applicant .
Prabir Nandi et al., "Adaptive Business Objects--A New Component
Model for Business Integration," Proceedings of the 7th
International Conference on Enterprise Information Systems, ICEIS
2005, May 2005, pp. 179-188. cited by applicant .
Quyen L. Nguyen et al., Agile Business Objects Management
Application for Electronic Records Archive Transfer Process.
Proceedings of the Balisage: The Markup Conference, Aug. 2009, 16
pages. cited by applicant .
NuSMV: A symbolic model checker [online], retrieved on Nov. 21,
2012 from http://nusmv.fbk.eu, 4 pages. cited by applicant .
OASIS, "Web Services Business Process Execution Language Version
2.0," Public Review Draft 02, Nov. 2006, pp. 282. cited by
applicant .
Marco Pistore et al., "A Minimalist Approach to Semantic
Annotations for Web Processes Compositions," Proceedings of the 3rd
European Semantic Web Conference , ESWC'06, Jun. 2006, Lecture
Notes in Computer Science 4011, pp. 620-634. cited by applicant
.
Karsten Riemer, "A Process-Driven, Event-Based Business Object
Model," Proceedings of the Second International Enterprise
Distributed Object Computing Workshop, EDOC '98, Nov. 1998, pp.
68-74. cited by applicant .
Dumitru Roman et al., "Web Service Modeling Ontology," Applied
Ontology, vol. 1, 2005, pp. 77-106. cited by applicant .
Oumaima Saidani et al., "A Role-Based Approach for Modeling
Flexible Business Processes," Proceedings of the Workshop on
Business Process Modeling, Development, and Support (BPMDS'06) in
association with CAiSE'06, Jun. 2006, pp. 111-120. cited by
applicant .
John Beatty et al., "Next-Generation Data Programming: Service Data
Objects," A Joint Whitepaper with IBM and BEA, Nov. 2003, 15 pages.
cited by applicant .
Frank Michael Kraft et al., U.S. Appl. No. 12/634,834, entitled
"Extending Status Models in a Computer System," filed Dec. 10, 2009
(including specification, claims, abstract and drawings). cited by
applicant .
Frank Michael Kraft et al., U.S. Appl. No. 12/634,996, entitled
"Using Status Models with Adaptable Process Steps in a Computer
System," filed Dec. 10, 2009 (including specification, claims,
abstract and drawings). cited by applicant .
Alessandro Cimatti, et al., "NuSMV 2: An OpenSource Tool for
Symbolic Model Checking". In Proceeding of International Conference
on Computer-Aided Verification (CAV 2002). Copenhagen, Denmark,
Jul. 27-31, 2002, 9 pages. cited by applicant .
`Unified Modeling Language: Superstructure Version 2.0` [online].
Object Management Group, 2005, [retrieved on Nov. 27, 2006].
Retrieved from the Internet: <URL:
www.omg.org/docs/formal/05-07-04.pdf>, pp. 8-12. cited by
applicant .
`Status Management` [online]. SAP, [retrieved on Nov. 27, 2006].
Retrieved from the Internet: <URL:
help.sap.com/saphelp.sub.--47x200/helpdata/en/ee/41f79346ee11d189470000e8-
29fbbd/content.htm>, 2 pages. cited by applicant .
Status Management [online]. SAP, [retrieved on Nov. 27, 2006].
Retrieved from the Internet: <URL:
help.sap.com/saphelp.sub.--47x200/helpdata/en/f0/ca3965260211d28a430000e8-
29fbbd/content.htm>, 1 page. cited by applicant .
`User Status` [online]. SAP, [retrieved on Nov. 27, 2006].
Retrieved from the Internet: <URL:
help.sap.com/saphelp.sub.--47x200/helpdata/en/f0/ca39a6260211d28a430000e8-
29fbbd/content.htm>, 1 page. cited by applicant .
`Workflow Management Coalition The Workflow Reference Model`
[online]. Workflow Management Coalition, 1995, [retrieved on Nov.
27, 2006]. Retrieved from the Internet: <URL:
www.wfmc.org/standards/docs/tc003v11.pdf>, 55 pages. cited by
applicant .
`Introduction to OMG's Unified Modeling Language TM (UML .RTM.)`
[online]. Object Management Group, 2005 [retrieved on Nov. 26,
2006]. Retrieved from the Internet: <URL:
omg.org/gettingstarted/what.sub.--is.sub.--uml.htm>, 16 pages.
cited by applicant .
Leavens, Gary T. et al., "Preliminary Design of JML: A Behavioral
Interface Specification Language of Java," ACM SIGSOFT Software
Engineering Notes, vol. 31, No. 3, May 2006, pp. 1-38. cited by
applicant .
Kiczales, Gregor et al., "An Overview of AspectJ," Lecture notes in
Computer Science, Springer Verlag, Berlin, Germany, vol. 2072, Jun.
18, 2001, pp. 327-353. cited by applicant .
Jason Zhicheng Li, "Business Object State Management Using State
Machine Compiler," Internet Citation, May 1, 2006 (May 2, 2006),
XP002396380, Retrieved from the internet:
http://today.java.ne/pub/a/today/2006 /01/05/business-object-state
management-using-smc.html, retrieved Aug. 24, 2006, 8 pages. cited
by applicant .
Eric Armstrong, "How to implement state-dependent behavior--Doing
the State pattern in Java," internet citation, XP002246628 ISSN:
1091-8906, Retrieved from the internet:
http://222.javaworld.com/javaworld/jw-08-1997/jw-08-stated.sub.--p.html,
retrieved on Jul. 7, 2003, 5 pages. cited by applicant .
W.M.P. van der Aaslt and M. Pesic, "DecSerFlow: Towards a Truly
Declarative Service Flow Language", in M. Bravetti, M. Nunez, and
G. Zavattaro, editors, International Conference on Web Services and
Formal Methods (WS-FM 2006), vol. 4184 of Lecture Notes in Computer
Science, pp. 1-23, Springer-Verlag, Berlin, 2006. cited by
applicant .
Lohman et al., "Behavioral Contraints for Services", Business
Process Management, 5th International Conference, BPM, 2007,
Brisbane, Australia, 16 pages. cited by applicant .
Holger Giese, "Object-Oriented Design and Architecture of
Distributed Systems", Inaugural-Dissertation, Department of
Mathematics and Computer Science, Faculty of Mathematics and
Natural Science, Westfalischen Wilhelms-Universitat Munster, for
the degree of Doctor of Science, Feb. 2001, 327 pages. cited by
applicant .
Beugnard et al., "Making Components Contract Aware", IEEE Computer
Society, Jul. 1999, pp. 38-45. cited by applicant .
Wirtz et al., "The OCoN Approach to Workflow Modeling in
Object-Oriented Systems", Information Systems Frontiers 3:3,
357-376, 2001. cited by applicant .
"Unified Modeling Language: Superstructure", Version 2.0,
formal/Jul. 4, 2005, Object Management Group, Aug. 2005, 694 pages.
cited by applicant .
"Unified Modeling Language: Superstructure", Version 2.1.1
(non-change bar), formal/Jul. 2, 2005, Object Management Group,
Feb. 2007, 716 pages. cited by applicant .
"Object Constraint Language", OMG Available Specification, Version
2.0, formal/Jun. 5, 2001, Object Management Group, May 2006, 232.
cited by applicant .
Baldan et al., "Functorial Concurrent Semantics for Petri Nets and
Read and Inhibitor Arcs", Lecture Notes In Computer Science, vol.
1877, Proceedings of the 11th International Conference on
Concurrency Theory, Springer-Verlag, 2000, 15 pages. cited by
applicant .
"Business Process Modeling Notation Specification", Final Adopted
Specification, dtc/Jun. 2, 2001, Object Management Group, Feb.
2006, 284 pages. cited by applicant .
S. Christensen and N. Hansen, "Coloured Petri Nets Extended with
Place Capacities, Test Arcs and Inhibitor Arcs", Lecture Notes in
Computer Science, vol. 691, Proceedings of the 14th International
Conference on Application and Theory of Petri Nets,
Springer-Verlag, 1993, 21 pages. cited by applicant .
S. Stelting et al., "Applied Java Patterns" (Online), Dec. 26,
2001, Prentice Hall, retrieved from the internet:
http://proquest.safaribooksonline.com/0130935387?tocview=true>,
retrieved Aug. 7, 2009), 11 pages. cited by applicant .
International Search Report and Written Opinion of the
International Searching Authority issued on Nov. 30, 2007, in
corresponding application PCT/ EP2007/005785, 14 pages. cited by
applicant .
International Search Report and Written Opinion of the
International Searching Authority issued in PCT/EP2007/005783 on
Jan. 7, 2009, 14 pages. cited by applicant .
International Search Report and Written Opinion of the
International Searching Authority issued in PCT/EP2007/005779 on
Dec. 30, 2008, 14 pages. cited by applicant .
International Search Report and Written Opinion of the
International Searching Authority issued in PCT/EP2007/005782 on
Dec. 30, 2008, 14 pages. cited by applicant .
International Search Report and Written Opinion of the
International Searching Authority issued in PCT/EP2007/005786 on
Jan. 8, 2009, 15 pages. cited by applicant .
International Search Report and Written Opinion of the
International Searching Authority issued in PCT/EP2007/005784 on
Dec. 29, 2008, 11 pages. cited by applicant .
International Search Report and Written Opinion of the
International Searching Authority issued in PCT/EP2007/005781 on
Dec. 30, 2008, 15 pages. cited by applicant .
Extended European Search Report issued in 07025131.9-1243 / 1939744
on Aug. 19, 2009, 5 pages. cited by applicant .
Merriam-Webster Online, "Programmatically--Definition and More from
the Free Merriam Webster" downloaded Jun. 16, 2010,
http://www.merriam-webster.com/dictionary/programmatically, 2
pages. cited by applicant .
"Unified Modeling Language: Infrastructure", Version 2.1.1 (without
change bars), formal/Jun. 2, 2006, Object Management Group, Feb.
2007, 220 pages. cited by applicant.
|
Primary Examiner: Beausoliel, Jr.; Robert
Assistant Examiner: Bromell; Alexandria
Attorney, Agent or Firm: Fish & Richardson P.C.
Claims
What is claimed is:
1. A computer-implemented method for evaluating a validity of an
extended status and action management (SAM) schema, the method
being executed using one or more processors and comprising:
receiving, by the one or more processors, the extended SAM schema,
the extended SAM schema being stored as a computer-readable
document in memory and being an extension of a core SAM schema;
providing, by the one or more processors, one or more goals, each
goal representing an intention of the core SAM schema, the one or
more goals being provided in a computer-readable document stored in
memory and comprising one or more primary goals and one or more
recovery goals that each express an intention of a process
underlying the core SAM schema, each primary goal being an end goal
that is preserved in the extended SAM schema and each recovery goal
being an acceptable intermediate goal that is replaceable in the
extended SAM schema; providing an extended finite state machine
(FSM) based on the extended SAM schema, the extended FSM
representing states of the extended SAM schema and transitions
between states, the extended FSM being provided as a
computer-readable document and being stored in memory, wherein
processing further comprises processing the extended FSM; and
processing, by the one or more processors, the one or more goals
using a computer-executable model checking tool for evaluating the
validity of the extended SAM schema, wherein the extended SAM
schema is determined to be valid, if at least one of the one or
more primary goals or at least one of the one or more recovery
goals is achieved for each of the core SAM schema and the extended
SAM schema.
2. The method of claim 1, wherein processing the extended FSM and
the one or more goals comprises generating one or more traces, each
trace defining a path of status vectors and actions that are
possible through the extended SAM schema.
3. The method of claim 2, wherein processing the extended FSM and
the one or more goals further comprises: determining that at least
one status vector of each primary goal of the one or more goals
appears in at least one trace; determining that every maximal
finite trace of the one or more traces ends in a status vector of
any goal; determining that from every status vector of any infinite
trace, a status vector of any goal is reachable; and in response,
indicating that the extended SAM schema is valid.
4. The method of claim 2, wherein processing the extended FSM and
the one or more goals further comprises: determining that no status
vector of a primary goal of the one or more goals appears in any
trace; and in response, indicating that the extended SAM schema is
invalid.
5. The method of claim 2, wherein processing the extended FSM and
the one or more goals further comprises: determining that at least
one maximal finite trace of the one or more traces does not end in
a status vector of a goal; and in response, indicating that the
extended SAM schema is invalid.
6. The method of claim 2, wherein processing the extended FSM and
the one or more goals further comprises: determining that from at
least one status vector of any infinite trace, no status vector of
any goal is reachable; and in response, indicating that the
extended SAM schema is invalid.
7. The method of claim 1, wherein each state is associated with a
status vector, the status vector being defined as an ordered set of
variable values.
8. The method of claim 1, wherein each transition is associated
with an action that can be performed to change a status vector.
9. The method of claim 1, wherein the extended SAM schema
represents constraints on actions that can be performed to
transition between states.
10. The method of claim 1, further comprising providing at least
one recovery goal that is specific to the extended SAM schema and
is not a goal of the core SAM schema.
11. The method of claim 1, wherein the process comprises a business
process.
12. The method of claim 1, wherein the core SAM schema is
determined to be valid.
13. The method of claim 1, wherein the extended SAM schema is
provided based on a business object (BO) extension that points to a
core BO, the BO extension comprising business object node (BON)
extensions, each BON extension pointing to a respective BON of the
core BO.
14. The method of claim 1, wherein the core SAM schema is provided
based on the core BO.
15. A non-transitory computer-readable storage medium coupled to
one or more processors and having instructions stored thereon
which, when executed by the one or more processors, cause the one
or more processors to perform operations for evaluating a validity
of an extended status and action management (SAM) schema, the
operations comprising: receiving the extended SAM schema, the
extended SAM schema being stored as a computer-readable document in
memory and being an extension of a core SAM schema; providing one
or more goals, each goal representing an intention of the core SAM
schema, the one or more goals being provided in a computer-readable
document stored in memory and comprising one or more primary goals
and one or more recovery goals that each express an intention of a
process underlying the core SAM schema, each primary goal being an
end goal that is preserved in the extended SAM schema and each
recovery goal being an acceptable intermediate goal that is
replaceable in the extended SAM schema; providing an extended
finite state machine (FSM) based on the extended SAM schema, the
extended FSM representing states of the extended SAM schema and
transitions between states, the extended FSM being provided as a
computer-readable document and being stored in memory, wherein
processing further comprises processing the extended FSM; and
processing the one or more goals using a computer-executable model
checking tool for evaluating the validity of the extended SAM
schema, wherein the extended SAM schema is determined to be valid,
if at least one of the one or more primary goals or at least one of
the one or more recovery goals is achieved for each of the core SAM
schema and the extended SAM schema.
16. A system, comprising: a computing device; and a
computer-readable storage device coupled to the computing device
and having instructions stored thereon which, when executed by the
computing device, cause the computing device to perform operations
for evaluating a validity of an extended status and action
management (SAM) schema, the operations comprising: receiving the
extended SAM schema, the extended SAM schema being stored as a
computer-readable document in memory and being an extension of a
core SAM schema; providing one or more goals, each goal
representing an intention of the core SAM schema, the one or more
goals being provided in a computer-readable document stored in
memory and comprising one or more primary goals and one or more
recovery goals that each express an intention of a process
underlying the core SAM schema, each primary goal being an end goal
that is preserved in the extended SAM schema and each recovery goal
being an acceptable intermediate goal that is replaceable in the
extended SAM schema; providing an extended finite state machine
(FSM) based on the extended SAM schema, the extended FSM
representing states of the extended SAM schema and transitions
between states, the extended FSM being provided as a
computer-readable document and being stored in memory, wherein
processing further comprises processing the extended FSM; and
processing the one or more goals using a computer-executable model
checking tool for evaluating the validity of the extended SAM
schema, wherein the extended SAM schema is determined to be valid,
if at least one of the one or more primary goals or at least one of
the one or more recovery goals is achieved for each of the core SAM
schema and the extended SAM schema.
Description
BACKGROUND
Businesses are increasingly service-driven, where a service can,
for example, represent a part of or a complete business process. In
some examples, the business process depicts the lifecycle of a
business object (BO). A number of actions constrained by a set of
business policies can result in the BO transitioning from an
initial state to a final state during its lifecycle. Constraints
can vary for different customized business processes. The validity
of a business process can depend on the ability of a BO to reach a
final state.
SUMMARY
Implementations of the present disclosure include
computer-implemented methods for evaluating a validity of an
extended status and action management (SAM) schema. In some
implementations, actions include receiving the extended SAM schema,
the extended SAM schema being stored as a computer-readable
document in memory and being an extension of a core SAM schema,
providing one or more goals, each goal representing an intention of
the core SAM schema, the one or more goals being provided in a
computer-readable document stored in memory and comprising one or
more primary goals that each express an intention of a process
underlying the core SAM schema, and processing the one or more
goals using a computer-executable model checking tool for
evaluating the validity of the extended SAM schema.
In some implementations, actions further include providing an
extended finite state machine (FSM) based on the extended SAM
schema, the extended FSM representing states of the extended SAM
schema and transitions between states, the extended FSM being
provided as a computer-readable document and being stored in
memory, wherein processing further comprises processing the
extended FSM.
In some implementations, processing the extended FSM and the one or
more goals includes generating one or more traces, each trace
defining a path of status vectors and actions that are possible
through the extended SAM schema.
In some implementations, processing the extended FSM and the one or
more goals further includes determining that at least one status
vector of each primary goal of the one or more goals appears in at
least one trace, determining that every maximal finite trace of the
one or more traces ends in a status vector of any goal, determining
that from every status vector of any infinite trace, a status
vector of any goal is reachable, and in response, indicating that
the extended SAM schema is valid.
In some implementations, processing the extended FSM and the one or
more goals further includes determining that no status vector of a
primary goal of the one or more goals appears in any trace, and in
response, indicating that the extended SAM schema is invalid.
In some implementations, processing the extended FSM and the one or
more goals further includes determining that at least one maximal
finite trace of the one or more traces does not end in a status
vector of a goal, and in response, indicating that the extended SAM
schema is invalid.
In some implementations, processing the extended FSM and the one or
more goals further includes determining that from at least one
status vector of any infinite trace, no status vector of any goal
is reachable, and in response, indicating that the extended SAM
schema is invalid.
In some implementations, each state is associated with a status
vector, the status vector being defined as a ordered set of
variable values.
In some implementations, each transition is associated with an
action that can be performed to change a status vector.
In some implementations, the extended SAM schema represents
constraints on actions that can be performed to transition between
states.
In some implementations, a primary goal represents a desired goal
of the process.
In some implementations, the one or more goals further comprise one
or more recovery goals, each recovery goal representing an
acceptable goal of the process.
In some implementations, at least one recovery goal is specific to
the extended SAM schema and is not a goal of the core SAM
schema.
In some implementations, the process includes a business
process.
In some implementations, the core SAM schema is determined to be
valid.
In some implementations, the extended SAM schema is provided based
on a business object (BO) extension that points to a core BO, the
BO extension comprising business object node (BON) extensions, each
BON extension pointing to a respective BON of the core BO.
In some implementations, the core SAM schema is provided based on
the core BO.
The present disclosure also provides a computer-readable storage
medium coupled to one or more processors and having instructions
stored thereon which, when executed by the one or more processors,
cause the one or more processors to perform operations in
accordance with implementations of the methods provided herein.
The present disclosure further provides a system for implementing
the methods provided herein. The system includes one or more
processors, and a computer-readable storage medium coupled to the
one or more processors having instructions stored thereon which,
when executed by the one or more processors, cause the one or more
processors to perform operations in accordance with implementations
of the methods provided herein.
It is appreciated that methods in accordance with the present
disclosure can include any combination of the aspects and features
described herein. That is, methods in accordance with the present
disclosure are not limited to the combinations of aspects and
features specifically described herein, but also include any
combination of the aspects and features provided.
The details of one or more implementations of the present
disclosure are set forth in the accompanying drawings and the
description below. Other features and advantages of the present
disclosure will be apparent from the description and drawings, and
from the claims.
DESCRIPTION OF DRAWINGS
FIG. 1 depicts an example process in accordance with
implementations of the present disclosure.
FIG. 2A depicts an example context within which implementations of
the present disclosure can be applied.
FIG. 2B depicts an example object model.
FIG. 3 depicts an example status and action management (SAM) schema
providing constraints on actions that can be executed in the
example context of FIG. 2A.
FIG. 4 depicts an example state diagram based on the example SAM
schema of FIG. 3.
FIG. 5 depicts an example extended SAM schema based on the SAM
schema of FIG. 3.
FIG. 6 depicts an example state diagram based on the example
extended SAM schema of FIG. 5.
FIG. 7 is a schematic illustration of example computer systems that
can be used to execute implementations of the present
disclosure.
Like reference symbols in the various drawings indicate like
elements.
DETAILED DESCRIPTION
Implementations of the present disclosure are generally directed to
modeling intentions of a business process that is expressed in an
extended status and action management (SAM) schema as goals, and
validating the extended SAM schema against the goals. More
particularly, intentions of the business process can be modeled as
one or more primary goals and one or more recovery goals. In some
examples, a core SAM schema is provided and the one or more primary
goals and the one or more recovery goals are provided for the core
SAM schema. A core finite state machine (FSM) is provided based on
the core SAM schema. The one or more primary goals and the one or
more recovery goals are validated against the core FSM to determine
whether the core SAM schema, and thus an underlying core business
process, correctly fulfills the intentions for which the business
process is provided. An extended SAM schema is provided based on
the core SAM schema. An extended FSM is provided based on the
extended SAM schema. The extended SAM schema is validated against
at least the one or more primary goals and one or more recovery
goals to determine whether the extended SAM schema, and thus an
underlying extended business process, correctly fulfills the
intentions for which the core business process is provided. In some
examples, the one or more recovery goals can be different for the
core SAM schema and the extended SAM schema.
In some examples, the extended. SAM schema is valid if the extended
SAM schema can potentially reach every primary goal, and, if the
extended SAM schema cannot reach a primary goal in a course of
execution, the extended SAM schema at least reaches a recovery goal
in that course of execution. In some examples, the extended SAM
schema is invalid if the extended SAM schema cannot reach one of
the primary goals, or the extended SAM schema cannot reach a
recovery goal in a course of execution in lieu of a primary
goal.
In short, the present disclosure provides a constraint-driven
general model (core SAM schema) with a verification process, the
model addressing challenges associated with correctness of the
constraints with respect to specified business goals. An extended
model (extended SAM schema) can be provided based on the general
model, the extended model also addressing challenges associated
with correctness of the constraints with respect to specified
business goals.
FIG. 1 depicts an example process 100 in accordance with
implementations of the present disclosure. In some implementations,
the example process 100 can be provided using one or more computer
programs that are executed using one or more computing devices.
A core SAM schema is received (102). In some examples, the core SAM
schema can be provided as a computer-readable document that is
received from computer-readable memory. For example, the core SAM
schema can be provided in a machine-readable specification
language, discussed in further detail herein. A core FSM is
generated (104). In some examples, the core FSM is generated based
on the core SAM schema and can be provided as computer program
code. One or more goals of the core SAM schema are defined (106).
In some examples, the one or more goals represent intensions of the
core SAM schema and can be defined in a machine-readable
specification language. The core SAM schema is verified based on
the core FSM and the one or more goals (108). In some examples, the
core FSM and the one or more goals are provided to a
computer-executable model checking tool as respective
computer-readable documents. The computer-executable model checking
tool processes the core FSM and the one or more goals, as discussed
in further detail herein, to determine a validity of the core SAM
schema.
An extended SAM schema is received (110). In some examples, the
extended SAM schema can be provided as a computer-readable document
that is received from computer-readable memory. For example, the
extended SAM schema can be provided in a machine-readable
specification language, discussed in further detail herein. An
extended FSM is generated (112). In some examples, the extended FSM
is generated based on the extended SAM schema and can be provided
as computer program code. The extended SAM schema is verified based
on the extended FSM and the one or more goals (114). In some
examples, the extended FSM and the one or more goals are provided
to a computer-executable model checking tool as respective
computer-readable documents. The computer-executable model checking
tool processes the extended FSM and the one or more goals, as
discussed in further detail herein, to determine a validity of the
extended SAM schema.
In general, SAM schemas provide a consistent approach to status
modeling and implementation activities of data objects (e.g., a
business object (BO), or business object node (BON)). More
particularly, a SAM schema can be defined at design-time and can be
provided as a schema model that is stored in computer-readable
medium. The SAM schema includes preconditions for performing
actions with each precondition identifying how a status affects
whether an action is allowed to be performed at runtime by a data
object node instance having the status. A status schema instance is
created for a particular object node instance that is used in a
computer-based process. The status schema instance corresponds to
the status schema model.
In some examples, one or more BOs can be associated with a business
process and can be manipulated during execution of the business
process. In some examples, manipulation of a BO can result in the
BO transitioning from one status to another status. In some
examples, a BO is provided as a hierarchical structure of BO nodes
(BONs). In some examples, BON can correspond to a header of the BO,
and one or more BONs can correspond to respective one or more items
that make up the BO. As used herein, reference to a SAM schema of a
BO can indicate a SAM schema of a BON (e.g., the SAM schema can
refer to a header or an item of a BO, or the BO itself, as
applicable).
In some examples, during execution of a business process, a method
that changes attribute values of the BO can be executed.
Consequently, the BO (e.g., a BON of the BO) can transition from
one status to another status. In some examples, a status can be
defined as the combination of the current attribute values of a BON
at a given point in time. In some examples, a status of the BO can
be defined based on the respective statuses of the BONs that make
up the BO. In some examples, an attribute of BON can be classified
into categories. Example categories can include standard attributes
(e.g., a customer name) and status variables. In some examples,
status variables are additional attributes that describe milestones
in a lifecycle of the BON. Status variables can provide an
aggregated and interpreted view of the status of the BON. In some
examples, the status of a BON can be defined based on the values of
the status variables at a given point in time. In some examples,
the status can be provided as a BO attribute and a modeled entity
of SAM that represents the lifecycle of a BON (the result of a
processing step). Consequently, a status variable specifies a
certain milestone in the lifecycle of a BON (e.g., "order
confirmed"). In terms of the business process, this status is
indicative of the current status of the business process.
Accordingly, a status is a named result of a process step within
the business process that is a precondition for a following process
step.
During the lifecycle of a BO, the BO can enter various statuses. In
order to change a status, an action can be performed on the BO. In
some examples, it is not desirable to enable state changes from any
status to any other status and/or to enable actions with any status
as a precondition for a state change. Consequently, the SAM schema
refines a BO (BON) model, discussed in further detail below, in
terms of a constraint-based model that governs the lifecycle of the
BO (BON). In some examples, the SAM schema is intended to define
all possible statuses of a BON, possible actions that can be
performed on the BON, the resulting statuses, and preconditions in
terms of statuses that have to be reached to perform a certain
action. In other words, the SAM schema provides a constraint-based
model that defines constraints between statuses and actions.
Consequently, the SAM schema is a status schema model type. In some
examples, a status schema includes the status variables of a BON,
the possible status transitions to the values of these status
variables (i.e., triggered by actions) and of preconditions that
guard changes to the status variables. At design time, for a given
BON, various status schemas can be defined and, when the BON is
initialized, one of the status schemas is selected and loaded into
the runtime. During runtime (e.g., execution of the modeled
process), status changes of a BO occur as they are modeled.
Consequently, it can be ensured that no changes other than modeled
changes occur and required changes actually do occur. In order to
do so, the SAM schema (constructed during the design time) is
loaded and evaluated at runtime. Accordingly, a SAM schema
describes the expected runtime behavior of a BON in a certain
business context and represents the relationship between the status
of a BON and its actions, and actual variable values provided
during runtime can be compared to the SAM schema to ensure the
modeled process is executed as expected.
In summary, a status schema can include multiple elements. Example
elements include the multi-valued status variables, the actions,
and edges that define a relationship between a status value and an
action. As discussed above, the status variables and the
corresponding values represent the status of a BON, where a status
variable contains multiple possible status values. At runtime,
every status variable will have exactly one of the possible status
values at any given time. The actions represent the methods that
can be performed on the BON. For any given action, whether the
action is allowed to be performed can depend on the current status
of the BON. The edges represent preconditions that connect status
values with actions. The preconditions provide that the actions can
only be executed if the status variables have certain required
values. However, preconditions do not lead to automatic execution
of the corresponding actions (i.e., just because a precondition for
a particular action is fulfilled, the particular action is not
automatically executed). In some examples, if an action that is
allowed by the preconditions is called, the action changes the
state of the BO and executes exactly one of possibly several status
transitions that originate therefrom. In some examples, edges can
be provided between one status value of one variable to another
status value of another variable, indicating that one status update
directly triggers another status update (e.g., synchronizing).
In some implementations, example elements of a status schema can
include advanced modeling elements. In some examples, advanced
modeling elements can extend simple SAM modeling. By way of
non-limiting example, an advanced modeling element can enable
creation of a header status by aggregating various item status
values.
Intentions of the business process can be modeled as one or more
primary goals and one or more recovery goals. For example, the
primary goals and the recovery goals reflect the intention behind
building the SAM schema (e.g., the purpose of the SAM schema). Each
of the primary goals and the recovery goals can be represented as a
set of status vectors. In some examples, and as discussed in
further detail herein, each of the primary goals and the recovery
goals can be further represented using wildcards and/or logic
operators. In some examples, a primary goal can be provided as a
tuple of status values (optionally including wildcard(s) and/or
logic operator(s)) that achieve a goal of the business process
(i.e., a desired outcome). In some examples, a recovery goal can be
provided as a tuple of status values (optionally including
wildcard(s) and/or logic operator(s)) that achieve an acceptable
goal of the business process (i.e., an acceptable outcome). In some
examples, a goal can be intermediate to achieving an end goal of
the business process. Examples are discussed in further detail
below.
A FSM can be generated based on the SAM schema. In some
implementations, the FSM includes nodes and edges between nodes. In
the following, we refer to nodes without incoming edges as root
nodes, we refer to nodes without outgoing edges as leaf nodes, and
we refer to all other nodes as intermediary nodes. In some
examples, a root node of the FSM can represent an initial status
(e.g., of a BON) and arbitrary nodes can represent final outcomes
of status transitions (i.e., primary goals and/or recovery goals).
Nodes on a trace between an initial status and a goal that are
neither initial status nor goal can each represent an intermediate
status (e.g., of the BON) between the initial status and the goals.
Edges between nodes can represent actions that can be performed to
transition from one status to another status.
As discussed in further detail herein, the FSM can be processed to
determine whether the SAM schema correctly fulfills the intentions
under which the SAM schema was built (i.e., the SAM schema meets
its goal). From a business perspective, a SAM schema meets its goal
if the SAM schema can potentially reach every primary goal. If,
under some circumstances, the schema cannot reach a primary goal,
the SAM schema should at least end up in a recovery goal. In some
examples, loops can be present in the SAM schema. In some examples,
if the loop repeatedly ends at a primary goal or a recovery goal,
the loop is okay and the SAM schema is still considered valid.
Formally, a schema meets a goal if and only if the following
example conditions hold: at least one status vector of every
primary goal appears in at least one trace; every maximal finite
trace ends in a state vector of any primary goal or recovery goal;
and from every status vector(s) of every infinite trace (i.e.,
loop), a status vector of any primary goal or recovery goal is
reachable starting from the status vector(s) (e.g., by the same
trace or another trace).
Implementations of the present disclosure are discussed in further
detail herein with reference to an example context. The example
context includes a service-based business processes, invoicing
processing in particular. It is appreciated, however, that
implementations of the present disclosure are applicable to other
contexts.
In the evolving world of service-based business processes, there is
an increasing demand on customizability and reliability. A service
can be perceived as a part of or a complete business process. A
service can be composed of a series of atomic actions that perform
small tasks. The actions can move a BO from one state, or status,
to another status. In some examples, the BO can be an electronic
document representing a product in supply-chain management or an
item of sale in an online store. In some examples, status changes
can occur by executing an action during the business process. A
number of possible goals in such business processes can be defined
by some final states (e.g., product shipped, order cancelled).
Executability of the actions and firing of the events are
constrained or guided by strict business rules, which can vary for
different customers.
FIG. 2A depicts an example context within which implementations of
the present disclosure can be applied. The example context includes
a service-based business process, an invoicing process 200, in
particular. The example invoicing process 200 includes a data entry
sub-process 204, an approval sub-process 206 and a posting
sub-process 208. In the examples context, an invoice object 210
(i.e., invoice BO) is provided and is linked to multiple invoice
objects 212a-212n. Actions are provided and are controlled by
business constraints, as discussed in further detail below with
reference to FIG. 3. Each action can move the invoice object 210
through the data entry sub-process 204, the approval sub-process
206 and the posting sub-process 208.
At any point in the invoicing process 200, the status of a BO is
defined by a set of status variables. In the example context, an
example status variable can be provided as Data_Entry. Potential
values of the Data_Entry status variable within the data entry
sub-process 204 can include "finished" and "in process." An example
action that can cause the invoice BO to move from one status to
another during the data entry sub-process 204 can include "finish
data entry processing." In some examples, the data entry
sub-process 204 can be projected as an invoicing service.
Consequently, the actions provided within the data entry
sub-process 204 can define the lifecycle of the invoice BO. To
ensure reliability of such business processes, the constraints can
be validated, as discussed herein, so that the invoice BO moves
through the correct execution statuses and ends up in one of the
primary goal or recovery goal statuses.
FIG. 2B depicts an example object model 250. The example object
model 250 is provided as a BO model that includes a core BO model
252 and a constraint-driven lifecycle model 254 referred to as the
SAM schema model. In some examples, the core BO model 252 describes
static features or components associated with the BO, and the SAM
schema model 254 describes the dynamics, or lifecycle, of the BO.
The multi-part modeling of the present disclosure enables the added
flexibility of attaching different SAM schema models to the same BO
model for the different business cases. Further, the BO and the
schema can be extended as needed without affecting the core BOs.
The constraints are defined based on execution statuses, where
status transitions are caused by actions and events.
As discussed in detail above, a BO can include attributes or
variables. The attributes are initialized at the time of
instantiation of the BO and can assume different values during the
business process that acts on the BO. In the example of FIG. 2A,
the invoice BO 210 in the invoicing process 200 can include
attributes such as Order ID, number of order items, and amount. As
also discussed above, a BO is associated with a number of status
variables (SV), each SV representing the status of the BO during a
sub-process of the lifecycle of the BO and having a set of values
associated therewith, including an initial value. In the example
context, the Data_Entry SV can assume one of the values "finished"
and "in process." The status variables of a BO together represent
the combined status or state of the BO. During the business
process, actions are performed that cause status transitions. In
the example object model 250 of FIG. 2B, actions can be referenced
as atomic actions (AA). In the example context, the "finish data
entry processing" action moves the BO from the "in process" status
to the "finished" status.
In some examples, a SV can be affected by several AAs, while an AA
only affects a single SV or no SV at all. In some examples, the
effect of an AA on a SV can be deterministic or non-deterministic
(i.e., the AA sets the SV always to a specific value, or to one of
several possible values depending on some user input or attributes
of the BO). In the example context, the "modify" action can display
options and, based on user input selecting an option, moves the BO
non-deterministically to either the "saved" status or the
"submitted" status.
Status transitions are caused by actions, events, and/or
derivations. In some examples, an event is fired when a SV has a
certain value, and causes a specific status transition that can be
used to synchronize the values of different SVs. For example, a "in
approval" status value of an Approval SV, discussed in further
detail below, causes an event to synchronize the value of the
Data_Entry SV to "finished."
In some examples, a derivation is provided as a means to
dynamically determine status information from multiple SVs. A
derivation also enables distribution of the status information of a
parent BON to multiple descendent BONs and vice versa and modeling
dependencies among BONs. For example, and with reference to FIG.
2A, if an invoice is rejected, a status can be set to "void."
The BO model of the present disclosure provides a strong foundation
for designing flexible and customizable business processes to meet
varying consumer requirements. The BO model further provides a
general framework that can be extended for different types of
BOs.
FIG. 3 depicts an example SAM schema 300 providing constraints on
actions that can be executed in the example context of FIG. 2A.
More particularly, FIG. 3 depicts a Data_Entry SV 302, an approval
SV 304 and a Posting SV 306. Example values for the Data_Entry SV
302 include "finished" 308 and "in process 310. An example action
that can be executed to transition the Data_Entry SV 302 between
values includes "finish data entry processing" 312. Example values
for the Approval SV 304 include "not started" 314, "approval not
necessary" 316, "in approval" 318, "rejected" 320 and "approved"
322. Example actions that can be executed to transition the
Approval SV 304 between values include "app_submit" 324 (submit for
approval), "reject" 326 and "approve" 328. Example values for the
Posting SV 306 include "not posted" 330, "void" 332 and "posted"
334. An example action that can be executed to transition the
Posting SV 306 between values includes "post" 336.
FIG. 3 provides a graphical representation of constraint types that
can be defined in the example BO model (e.g., of FIG. 2B). In the
depicted example, an action is enabled if any one of the
"Allowed_by" and all of the "Required" conditions (constraints) are
true, and all of the "Inhibited_by" conditions (constraints) are
false. Each of these conditions can be more complex if, for
example, values of multiple SVs are joined using logical operators
(e.g., AND, OR). In the example constraints of FIG. 3, "post" 336,
which affects the value of the Posting SV 306, is executable when
the Approval SV 304 has the value of either "approval not
necessary" 316 OR "approved" 322 AND (&) the Posting SV 304 has
the value "not posted" 330 (i.e., the invoice has not been
posted).
In some implementations, the BO model depicts a SAM model and can
be defined using a machine-readable specification language. An
example specification language can be denoted by the acronym SAMLA
(e.g., SAM LAnguage). In the example context, an example
specification can be provided as:
TABLE-US-00001 BON BusinessObj { STATUS_VARS Data_Entry, Approval,
Posting VARIABLE Data_Entry VALUES finished, in_process INITIAL
in_process VARIABLE Approval VALUES not_started,
approval_not_necessary, in_approval, rejected, approved INITIAL
not_started VARIABLE Posting VALUES not_posted, void, posted
INITIAL not_posted ACTIONS ACT_Finish_Data_Entry_Processing,
ACT_App_Submit, ACT_Reject, ACT_Approve, ACT_Post SCHEMAS Schema1
}
where a BON represents a BO model. Generally, and as depicted in
the example above, a BON specification defines the list of SVs, the
set of values for each SV including the initial value, the AAs, and
schemas associated with the BO. In some implementations, an example
schema model can be provided as:
TABLE-US-00002 SCHEMA Schema1 { ACTION
ACT_Finish_Data_Entry_Processing ALLOWED_BY Data_Entry = in_process
REQUIRED Posting = not_posted ACTION ACT_App_Submit ALLOWED_BY
Approval = not_started & Posting = not_posted ACTION ACT_Reject
ALLOWED_BY Approval = in_approval ACTION ACT_Approve ALLOWED_BY
Approval = in_approval ACTION ACT_Post ALLOWED_BY (Approval =
approval_not_necessary OR approved) AND Posting = not_posted ...
SYNCHRONIZE Approval = approval_not_necessary OR in_approval TO
Data_Entry = finished ... }
In general, and as depicted in the above example, a schema
specification defines the constraints on each AA, the state
transitions caused by each AAs (i.e., the possible values of the
associated SV if the action is performed), and events such as
status synchronizers.
Multiple types of constraints can be defined for each AA. In some
examples, an action is executable if any one of the ALLOWED_BY
constraints is true (i.e., multiple constraints joined by logical
OR operations), all REQUIRED constraints are true (i.e., multiple
constraints joined by logical AND operation), and none of the
INHIBITED_BY constraints is true (i.e., each condition is negated
and then, joined by logical AND). In some examples, the CAUSES part
of an ACTION specification in the schema indicates the effect of
the action. In some examples, CAUSES having two or more parts
indicates that the result of the AA is non-deterministic (e.g., the
modify action in the example schema model above). In some examples,
SYNCHRONIZE denotes an event that sets a second SV to the specified
value when a first SV is assigned a certain value.
As discussed herein, a goal specification can be provided and can
be used to validate the BO model. In general, goals can include
primary goals and recovery goals and can be provided as complex
conditions, which may hold in a single state or in sets of states.
In some examples, goals can be defined as desired assignments of a
set of SVs that can be combined using logical operators. In the
example context, an example goal specification can be provided
as:
TABLE-US-00003 //Goal and goal category specification GOAL goal_1
STATE Approval = approved AND Posting= posted GOAL goal_2 STATE
Approval = rejected AND Posting = not_posted GOAL_CATEGORY
goalcat_1 SET (goal_1 OR goal_2)
A goal category is specified using pre-defined goal states, which
are combined with logical and set operators. In general, goal
categories are specified at the end of the goal specification for
verification purposes.
As discussed above, a FSM is generated based on the SAM model (BO
model). In some implementations, the SAM model is mapped onto a
FSM, and the FSM is used for the verification of the BO and schema
models in view of the goals. Each state of the FSM can be
represented as a status vector that describes the status of the BO
at the particular state. In some examples, the status vector is
provided based on each of the SVs of the BO and the respective
values of the SVs at the particular state. In some examples, an
initial state of the FSM represents a complete assignment of each
of the SVs to their initial values. Transition relations capture
the fact that the values of the SVs change due to the effects of
AAs.
FIG. 4 depicts an example state diagram 400 based on the example
context. It is appreciated that the example state diagram 400
depicts the invoice process 200 of FIG. 2A and reflects the SAM
model of FIG. 3. The example state diagram includes a root node
402, intermediate nodes 404, 406, 408, 409 and leaf nodes 410, 412,
414, where each node represents a status of, in the example
context, an invoice BO, and edges between nodes represent actions
(AAs) that can be performed on the BO to transition the status of
the BO to another state. Boxes 420, 422 indicate that the leaf
nodes 410, 412, 414, respectively, represent goal states. In the
depicted example, the box 420 indicates (two status vectors
aggregated to) one primary goal and the box 422 indicates a
secondary goal.
The example state diagram 400 of FIG. 4 can depict state
transitions of an invoice BO, for example. In some examples, the
invoice BO can track the finalization of entering the invoice data
before the invoice is submitted for approval. In some examples, the
submit for approval (SFA) action determines whether an approval is
necessary based on some business logic (e.g., depending on the
total amount of the invoice). If no approval is necessary, the
invoice can be posted. Otherwise, the invoice has to be rejected or
approved. After approval, the invoice can be posted. In some
examples, and from a business perspective, the main purpose, or
intention, of the invoice BO is the posting of the invoice (the
desired outcome). If posting is not possible, processing of the
invoice can also be concluded by rejecting the invoice (an
acceptable outcome). Semantics are modeled using primary and
recovery goals, where a goal is provided as a set of status
vectors. As a shorthand notation, wildcards (*) and logical
operators can be used. In some examples, the status vectors for the
example of FIGS. 3 and 4 can be provided using the following order
of the status variables (Data_Entry, Approval, Posting). In the
depicted example, goals can be provided as:
Primary goal: (Finished, Approval not necessary|Approved,
Posted)
Recovery goal: (*, Rejected, *)
With continued reference to FIG. 4, and as noted above, an example
status vector for the invoice BO can be defined as:
status=(Data_Entry, Approval, Posting), where each of Data_Entry,
Approval and Posting is a placeholder for one of the respective,
allowed values.
With continued reference to FIG. 4, the root node 402 reflects an
initial state (S1) of the invoice BO, defined as: S1=(in_process,
not_started, not_posted) An edge 430 represents the
"finish_data_entry_processing" (FDE) action that can be performed
to transition the invoice BO from the initial state to an
intermediate state represented by the intermediate node 404 and
defined as: S2=(finished, not_started, not_posted) An edge 432
represents the "app_submit" (submit for approval (SFA)) action that
can be performed to transition the invoice BO from the initial
state to an intermediate state represented by the intermediate node
406 and defined as: S3=(finished, approval_not_necessary,
not_posted) An edge 434 represents the "app_submit" action that can
be performed to transition the invoice BO from the intermediate
state represented by the intermediate node 404 to the intermediate
state represented by the intermediate node 406. An edge 436
represents the "post" action that can be performed to transition
the invoice BO from the intermediate state represented by the
intermediate node 406 to the final state represented by the leaf
node 410 and defined as: S4=(finished, approval_not_necessary,
posted)
An edge 438 represents the "app_submit" action that can be
performed to transition the invoice BO from the initial state to an
intermediate state represented by the intermediate node 408 and
defined as: S5=(finished, in_approval, not_posted) An edge 440
represents the "app_submit" action that can be performed to
transition the invoice BO from the intermediate state represented
by the intermediate node 404 to the intermediate state represented
by the intermediate node 408.
An edge 441 represents the "approve" action that can be performed
to transition the invoice BO from the intermediate state
represented by the intermediate node 408 to an intermediate state
represented by the intermediate node 409 and defined as:
S6=(finished, approved, not_posted) An edge 442 represents the
"post" action that can be performed to transition the invoice BO
from the intermediate state represented by the intermediate node
409 to the final state represented by the leaf node 412 and defined
as: S7=(finished, approved, posted) An edge 444 represents the
"reject" action that can be performed to transition the invoice BO
from the intermediate state represented by the intermediate node
408 to the final state represented by the leaf node 414 and defined
as: S8=(finished, rejected, not_posted)
Although an example FSM is graphically represented above (i.e., in
FIG. 4), it is appreciated that the FSM can be represented, or
encoded in a machine-readable language within a document (e.g., a
document that can be processed by one or more computing devices).
More specifically, representing the SAM schema in terms of a FSM
enables encoding of the SAM schema as input program code of a
computer-executable model checking tool for validating the SAM
schema. In the encoded schema model (i.e., the FSM), the
verification criteria are expressed as logical assertions that can
be checked for validity and violations thereof can be reported.
As discussed above, the SAM schema (BO model) can be validated
based on the FSM and the defined goals (e.g., using a
computer-executable model checking tool). To illustrate such
validation, the example state diagram 400 and example goals are
referenced within the example context discussed above. The example
goals can include the final status represented by the leaf nodes
410, 412 of FIG. 4 (i.e., status (S4)=(finished,
approval_not_necessary, posted), status (S7)=(finished, approved,
posted), respectively), and the final status represented by the
leaf node 414 of FIG. 4 (i.e., status (S8)=(finished, rejected,
not_posted)) (hence the respective boxes 420, 422). In the depicted
example, the leaf nodes 410, 412 are representative of primary
goals and the leaf node 414 is representative of a recovery goal.
In some implementations, traces through the FSM can be generated,
each trace defining a path of status vectors and actions that are
possible through the SAM schema.
As also discussed above, a SAM schema meets a goal if and only if
at least one status vector of every primary goal appears in at
least one trace; every maximal finite trace ends in a status
(state) vector of any primary goal or recovery goal; and from every
status vectors of every infinite trace (i.e., loop), a status
vector of any primary goal or recovery goal is reachable starting
from the status vector(s) (e.g., by the same trace or another
trace). In the example of FIG. 4, the goals represented by the leaf
nodes 410, 412, 414 appear in at least one trace, however, and
every maximal finite trace ends in a goal. Consequently, the SAM
schema represented by the state diagram 400 of FIG. 4 is valid.
In some examples, if the SAM schema is determined to be invalid,
one or more traces that resulted in the invalid status of the SAM
schema can be displayed to a user on a display. In this manner, the
user can be made aware of problematic traces and can revise the
invalid SAM schema to provide a valid SAM schema.
Implementations of the present disclosure address extensibility of
a core SAM schema to provide an extended SAM schema. In some
implementations, requirements for model (SAM schema) extension can
include that an extension should not modify the model (because only
then extensions and model changes are reconcilable); two extensions
should not conflict with each other; extensions should be
extensible as well; and extensions should only influence the model
in such a way, that the functionality of the BO using the model is
not be harmed.
In some implementations, a SAM extension adds additional actions to
the BON, as well as status variables and an additional model
snippet containing the SAM model for the extension. In some
examples, the added elements are modeled in a BO extension that
points to a BO and that extends the BO. In some examples, the BO
extension includes BON extensions, each of which points to a
respective BON of the BO. In some examples, the BON extensions have
the same names as the BONs that they point to, but the namespaces
can be different. In some examples, a BON extension carries the
additional (enhanced) actions and (enhanced) status variables (SVs)
that are defined as part of the BON extension. Furthermore the BON
extension carries a status schema extension pointing to a status
schema. In some examples, a status schema extension has the same
name as the status schema that it points to, but includes a
different namespace.
In some implementations, the extensibility of SAM schemas follows
rules that ensure that the resulting model does not harm the
functionality of the underlying BO. In some examples, the following
modeling elements are allowed in a SAM schema extension: status
variables, actions, preconditions, status transitions (including
actions with multiple status transitions), synchronizers,
stateguards and overall derivation. In some examples, the following
rules describe which modeling elements are allowed/not allowed
between the extension and the underlying (core) SAM schema and the
SAM schema extension: Underlying (core) SAM
schema.fwdarw.Extension: Allowed=preconditions and synchronizers
Not Allowed=status transitions or derivation edges
Extension.fwdarw.Underlying (core) SAM schema: Allowed=inhibiting
preconditions and requiring preconditions Not Allowed=status
transitions, enabling preconditions, derivation edges,
synchronizers, or neutral preconditions
Further rules can include that a SAM schema extension should not
add, change or remove edges that are neither connected to an
extension status nor to an extension action. For example, the
following are not allowed: adding or deleting preconditions within
the core SAM schema adding or deleting status transitions within
the core SAM schema. In some examples, an extension should not lead
to a deadlock. That is, an extension should, at most, only delay
when an action of the core SAM schema can be executed, but should
not forbid the action. In some examples, an extension can lead to a
deadlock. For example, deadlocks can be allowed for traces that
would result in recovery goals in the core SAM schema. In some
examples, synchronizers to extensions can originate from any status
value of the core SAM schema except values of a derived status
variable or values other than the initial value that can be set by
a state guard. In some examples, no additional flag indicating when
a status value can be used as the origin of a synchronizer can be
provided.
In general, the example rules discussed above are provided to avoid
influencing the behavior of the underlying BO in an illegal way.
The rules ensure that the state and the status of a BO are always
in synchronization with one another. Further, shortcuts are not
achievable using an extension. Accordingly, a status transition
from an extension action to a status value of the underlying BO
(core status value) is not allowed, because it would then be
possible to set a core status value without having the
corresponding state of the BO (i.e., the state and the status would
be out of synchronization with one another, which is not allowed).
The state of the core BO can only be maintained by executing core
actions. For this reason, shortcuts (e.g., bypassing a core action)
by means of the extension are also not allowed. The integrity of
the core BO is only maintained if no core action is bypassed. If a
core action were bypassed, new states would be possible in the
core, which would not be able to be processed. Further, a bypassed
core action would not able to transform the state of the BO
corresponding to the status change. Consequently, no modeling
elements are allowed that would lead to set a core status or to
bypass a core action.
In accordance with implementations of the present disclosure, a SAM
schema extension that is applied to a core SAM schema (providing an
extended SAM schema) can be validated using primary and recovery
goals. In some examples, the main condition for extension validity
is that no relevant functionality from the core SAM schema is lost
in the extension in addition to the syntactic correctness. In some
examples, multiple checks are performed to determine extension
validity. Example checks can include that the extension must
respect the syntax rules for SAM schema extension, the extension
goal must be a proper extension of the core goal, and the core plus
extension (i.e., the extended SAM schema) must meet the extension
goal.
FIG. 5 depicts an example extended SAM schema 300' based on the SAM
schema 300 of FIG. 3. In an example, the invoice process has been
extended to include duplicate analyzer business logic.
Consequently, in the example of FIG. 5, the core SAM schema 300 of
FIG. 3 has been extended to include a Duplicate_Status SV 350 and
the actions "mark duplicate" 352 and "mark not duplicate" 354 to
provide the extended SAM schema 300' of FIG. 5. Example values for
the Duplicate_Status SV 350 include "not checked" 356, "duplicate"
358 and "no duplicate" 360. For purposes of clarity, reference
numbers for elements provided in both FIGS. 3 and 5 are absent from
FIG. 5. In the depicted example, constraints include that the
Data_Entry SV 302 must have the value of "finished" 310 before the
actions "mark duplicate" 352 and "mark not duplicate" 354 can be
performed. Further, the action "reject" 326 is disabled.
FIG. 6 depicts an example state diagram 600 based on the example
extended SAM schema 300' of FIG. 5. The example state diagram 600
includes a root node 602, intermediate nodes 604, 606, 608, 610,
612, 614, 616, 618 and leaf nodes 620, 622, 624, 626, 628, where
each node represents a status of, in the example context, an
invoice BO, and edges between nodes represent actions (AAs) that
can be performed on the invoice BO to transition the status of the
invoice BO to another state. Boxes 630, 632 indicate that the
intermediate nodes 610, 616, 618 and leaf nodes 620, 622, 624, 626,
628, respectively, represent goal states. In the depicted example,
the box 630 indicates one primary goal and the box 632 indicates
one recovery goal. In some examples, the status vectors for the
example of FIGS. 5 and 6 can be provided using the following order
of the status variables (Data_Entry, Approval, Posting,
Duplicate_Status).
In general, every primary goal of the core SAM schema appears in at
least one primary goal of the extended SAM schema, and recovery
goals of the core SAM schema can be neglected the extended SAM
schema. Further, new recovery goals can be introduced in the
extended SAM schema. In the depicted example, the SAM schema
extension correctly extends the core goal of FIG. 4. For example,
the primary core goal corresponds to the only primary extension
goal: Primary goal: (Finished, Approval not necessary|Approved,
Posted).fwdarw.(Finished, Approval not necessary|Approved, Posted,
No Duplicate) This is sufficient to determine that the extension
goal is a proper extension of the core goal. To complete the
enumeration, the recovery core goal was removed, and a new recovery
goal was added in the extension. That is, the recovery goal (*,
Rejected, *) is removed by the extension, and a new recovery goal
is provided as: Recovery goal: (*, *, *, Duplicate)
With continued reference to FIG. 6, the root node 602 reflects an
initial state (S1') of the invoice BO, defined as: S1'=(in_process,
not_started, not_posted, not_checked) An edge 650 represents the
"finish_data_entry_processing" (FDE) action that can be performed
to transition the invoice BO from the initial state to an
intermediate state represented by the intermediate node 604 and
defined as: S9=(finished, not_started, not_posted, not_checked) An
edge 652 represents the "mark duplicate" (MD) action that can be
performed to transition the invoice BO from the initial state to a
final state represented by the leaf node 628 and defined as:
S2'=(finished, not_started, not_posted, duplicate) An edge 654
represents the "mark_not_duplicate" action that can be performed to
transition the invoice BO from the intermediate state represented
by the intermediate node 604 to the intermediate state represented
by the intermediate node 606 and defined as: S10=(finished,
not_started, not_posted, no_duplicate)
An edge 656 represents the "app_submit" (SFA) action that can be
performed to transition the invoice BO from the intermediate state
represented by the intermediate node 606 to an intermediate state
represented by the intermediate node 608 and defined as:
S11=(finished, approval_not_necessary, not_posted, no_duplicate) An
edge 658 represents the "mark_duplicate" action that can be
performed to transition the invoice BO from the intermediate state
represented by the intermediate node 608 to the final state
represented by the leaf node 620 and defined as: S3'=(finished,
approval_not_necessary, not_posted, duplicate)
An edge 660 represents the "post" action that can be performed to
transition the invoice BO from the intermediate state represented
by the intermediate node 608 to the intermediate state represented
by the intermediate node 610 and defined as: S4'=(finished,
approval_not_necessary, posted, no_duplicate) An edge 662
represents the "mark_duplicate" action that can be performed to
transition the invoice BO from the intermediate state represented
by the intermediate node 610 to the final state represented by the
leaf node 622 and defined as: S12=(finished,
approval_not_necessary, posted, duplicate)
An edge 664 represents the "app_submit" action that can be
performed to transition the invoice BO from the intermediate state
represented by the intermediate node 606 to an intermediate state
represented by the intermediate node 612 and defined as:
S13=(finished, in_approval, not_posted, no_duplicate) An edge 666
represents the "approve" action that can be performed to transition
the invoice BO from the intermediate state represented by the
intermediate node 612 to an intermediate state represented by the
intermediate node 614 and defined as: S14=(finished, approved,
not_posted, no_duplicate) An edge 668 represents the "post" action
that can be performed to transition the invoice BO from the
intermediate state represented by the intermediate node 614 to the
intermediate state represented by the intermediate node 616 and
defined as: S7'=(finished, approved, posted, no_duplicate) An edge
670 represents the "mark_duplicate" action that can be performed to
transition the invoice BO from the intermediate state represented
by the intermediate node 616 to the final state represented by the
leaf node 624 and defined as: S15=(finished, approved, posted,
duplicate)
An edge 672 represents the "mark_duplicate" action that can be
performed to transition the invoice BO from the intermediate state
represented by the intermediate node 612 to the intermediate state
represented by the intermediate node 618 and defined as:
S5'=(finished, in_approval, not_posted, duplicate) An edge 674
represents the "mark_duplicate" action that can be performed to
transition the invoice 130 from the intermediate state represented
by the intermediate node 614 to the final state represented by the
leaf node 626 and defined as: S6'=(finished, approved, not_posted,
duplicate) An edge 676 represents the "approve" action that can be
performed to transition the invoice 130 from the intermediate state
represented by the intermediate node 618 to the final state
represented by the leaf node 626. An edge 678 represents the "mark
duplicate" action that can be performed to transition the invoice
BO from the intermediate state represented by the intermediate node
606 to the final state represented by the leaf node 628.
One advantage of the use of primary and recovery goals is that
unimportant changes in the status transition, which result from an
extension, do not influence the correctness of the extension. To
demonstrate that, the state diagram 400 of FIG. 4 and the state
diagram 600 of FIG. 6 can be compared. The comparison reveals that
the edges 432, 438, 444 and the node 414 of FIG. 4 have been
removed and that the nodes 402, 404, 406, 408, 409, 410, 412
(respectively representing states S1, S2, S3, S5, S6, S4, S7) of
FIG. 4 are intact as respective nodes 602, 628, 620, 618, 626, 610,
614 of FIG. 6 (respectively representing states S1', S2', S3', S5',
S6', S4', S7'). In FIG. 4, submission for approval was allowed
without explicitly marking the finishing of data entry in the core
SAM schema. The removal of that trace (i.e., the edges 432, 438)
does not change the purpose of the SAM schema because the main
purpose (e.g., posting) can still be achieved in the extended SAM
schema.
Another advantage is that the distinction can be made between goals
that are to be preserved in an extension and goals that can be
neglected. In the depicted example, the rejection functionality was
disabled in the extended SAM schema, which does not hurt the
primary purpose (e.g., posting). For example, and if the rejection
functionality should be provided as such an important feature of
the invoice process that any extension should observe it, the
rejection functionality could be marked as a primary goal in the
state diagram of FIG. 4.
As a further advantage, primary goals can be organized into groups
of status vectors where achieving only one of the status vectors
can be deemed to be sufficient enough for an extension to meet that
primary goal. As an example, an extension that enforces approval
can be provided. Such an extension would remove the status vectors
S3 and S4 (nodes 406 and 410 of FIG. 4) and the related edges
(edges 432, 434, 436 of FIG. 4). According to the goal definitions,
such an extension would still be valid, because at least one way of
achieving the primary goal is preserved. If it was instead desired
to preserve both ways of posting (with approval and without
approval) in any extension, two separate primary goals can be
defined. Example, separate primary goals can include S4 (finished,
approval_not_necessary, posted) and S7 (finished, approved, posted)
that are provided in separate primary goal boxes instead of a
single box (e.g., the primary goal box 420 of FIG. 4).
Referring now to FIG. 7, a schematic diagram of an example
computing system 700 is provided. The system 700 can be used for
the operations described in association with the implementations
described herein. For example, the system 700 may be included in
any or all of the server components discussed herein. The system
700 includes a processor 710, a memory 720, a storage device 730,
and an input/output device 740. The components 710, 720, 730, 740
are interconnected using a system bus 750. The processor 710 is
capable of processing instructions for execution within the system
700. In one implementation, the processor 710 is a single-threaded
processor. In another implementation, the processor 710 is a
multi-threaded processor. The processor 710 is capable of
processing instructions stored in the memory 720 or on the storage
device 730 to display graphical information for a user interface on
the input/output device 740.
The memory 720 stores information within the system 700. In one
implementation, the memory 720 is a computer-readable medium. In
one implementation, the memory 720 is a volatile memory unit. In
another implementation, the memory 720 is a non-volatile memory
unit. The storage device 730 is capable of providing mass storage
for the system 700. In one implementation, the storage device 730
is a computer-readable medium. In various different
implementations, the storage device 730 may be a floppy disk
device, a hard disk device, an optical disk device, or a tape
device. The input/output device 740 provides input/output
operations for the system 700. In one implementation, the
input/output device 740 includes a keyboard and/or pointing device.
In another implementation, the input/output device 740 includes a
display unit for displaying graphical user interfaces.
The features described can be implemented in digital electronic
circuitry, or in computer hardware, firmware, software, or in
combinations of them. The apparatus can be implemented in a
computer program product tangibly embodied in an information
carrier, e.g., in a machine-readable storage device, for execution
by a programmable processor; and method steps can be performed by a
programmable processor executing a program of instructions to
perform functions of the described implementations by operating on
input data and generating output. The described features can be
implemented advantageously in one or more computer programs that
are executable on a programmable system including at least one
programmable processor coupled to receive data and instructions
from, and to transmit data and instructions to, a data storage
system, at least one input device, and at least one output device.
A computer program is a set of instructions that can be used,
directly or indirectly, in a computer to perform a certain activity
or bring about a certain result. A computer program can be written
in any form of programming language, including compiled or
interpreted languages, and it can be deployed in any form,
including as a stand-alone program or as a module, component,
subroutine, or other unit suitable for use in a computing
environment.
Suitable processors for the execution of a program of instructions
include, by way of example, both general and special purpose
microprocessors, and the sole processor or one of multiple
processors of any kind of computer. Generally, a processor will
receive instructions and data from a read-only memory or a random
access memory or both. The essential elements of a computer are a
processor for executing instructions and one or more memories for
storing instructions and data. Generally, a computer will also
include, or be operatively coupled to communicate with, one or more
mass storage devices for storing data files; such devices include
magnetic disks, such as internal hard disks and removable disks;
magneto-optical disks; and optical disks. Storage devices suitable
for tangibly embodying computer program instructions and data
include all forms of non-volatile memory, including by way of
example semiconductor memory devices, such as EPROM, EEPROM, and
flash memory devices; magnetic disks such as internal hard disks
and removable disks; magneto-optical disks; and CD-ROM and DVD-ROM
disks. The processor and the memory can be supplemented by, or
incorporated in, ASICs (application-specific integrated
circuits).
To provide for interaction with a user, the features can be
implemented on a computer having a display device such as a CRT
(cathode ray tube) or LCD (liquid crystal display) monitor for
displaying information to the user and a keyboard and a pointing
device such as a mouse or a trackball by which the user can provide
input to the computer.
The features can be implemented in a computer system that includes
a back-end component, such as a data server, or that includes a
middleware component, such as an application server or an Internet
server, or that includes a front-end component, such as a client
computer having a graphical user interface or an Internet browser,
or any combination of them. The components of the system can be
connected by any form or medium of digital data communication such
as a communication network. Examples of communication networks
include, e.g., a LAN, a WAN, and the computers and networks forming
the Internet.
The computer system can include clients and servers. A client and
server are generally remote from each other and typically interact
through a network, such as the described one. The relationship of
client and server arises by virtue of computer programs running on
the respective computers and having a client-server relationship to
each other.
In addition, the logic flows depicted in the figures do not require
the particular order shown, or sequential order, to achieve
desirable results. In addition, other steps may be provided, or
steps may be eliminated, from the described flows, and other
components may be added to, or removed from, the described systems.
Accordingly, other implementations are within the scope of the
following claims.
A number of implementations of the present disclosure have been
described. Nevertheless, it will be understood that various
modifications may be made without departing from the spirit and
scope of the present disclosure. Accordingly, other implementations
are within the scope of the following claims.
* * * * *
References